Ninja forms WordPress plugin – high risk vulnerability

A high risk alert was issued today (05/05/2016 ) highlighting a very high risk vulnerability in the popular Ninja Forms plugin versions 2.9.36 to 2.9.42.

There are apparently more than 500,000 active installs of this plugin on WordPress sites Worldwide which makes the potential impact quite widespread and significant.

This is a new vulnerability so not that many attacks have been detected yet (in the first few hours) but security companies expect this to ramp up significantly within the next 48 hours and there will almost certainly be widespread attacks that will attempt to exploit this.

What to do ?

• Do it now !
• Check if your WordPress site has the Ninja Forms plugin installed.
• Check the version and update it to the latest version (2.9.45) or greater.

Steve Wood owns and runs Scalar Enterprises based in Portsmouth in Hampshire. He offers a range of services including Web design, Internet marketing and search engine optimisation (SEO) to small businesses and SMEs in Hampshire and the surrounding areas.